X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Ffunctions.php;h=25aa0e93360b1355be31ad0aba7a695c05452ee2;hp=4fcb932fcecd2503c4887d5662c04552cb99e05b;hb=b8e55a5faa25153eee1c0f55661815142041eb8d;hpb=60494e212a67fe360bfbb481eb4928480a6f379b
diff --git a/inc/functions.php b/inc/functions.php
index 4fcb932fce..25aa0e9336 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -166,7 +166,7 @@ function OUTPUT_HTML($HTML, $NEW_LINE = true) {
// Output the raw HTML code
function OUTPUT_RAW ($HTML) {
- if ((mxchange_installed) && (basename($_SERVER['PHP_SELF']) != "install.php")) {
+ if ((isBooleanConstantAndTrue('mxchange_installed')) && (basename($_SERVER['PHP_SELF']) != "install.php")) {
// Not in install-mode so strip slashes away
echo stripslashes($HTML);
} else {
@@ -273,13 +273,13 @@ function LOAD_TEMPLATE($template, $return=false, $content="") {
}
// Does the special template exists?
- if (!file_exists($file)) {
+ if ((!file_exists($file)) || (!is_readable($file))) {
// Reset to default template
$file = $BASE.$template.".tpl";
}
// Now does the final template exists?
- if (file_exists($file)) {
+ if ((file_exists($file)) && (is_readable($file))) {
// The local file does exists so we load it. :)
$tmpl_file = implode("", file($file));
@@ -298,7 +298,7 @@ function LOAD_TEMPLATE($template, $return=false, $content="") {
// Add surrounding HTML comments to help finding bugs faster
$ret = "\n".$ret."\n";
- } elseif ((IS_ADMIN()) || ((mxchange_installing) && (!mxchange_installed))) {
+ } elseif ((IS_ADMIN()) || ((isBooleanConstantAndTrue('mxchange_installing')) && (!isBooleanConstantAndTrue('mxchange_installed')))) {
// Only admins shall see this warning or when installation mode is active
$ret = "
".TEMPLATE_404."
(".basename($file).")
@@ -320,7 +320,7 @@ function LOAD_TEMPLATE($template, $return=false, $content="") {
// Output direct
OUTPUT_HTML($ret);
}
- } elseif (DEBUG_MODE) {
+ } elseif (isBooleanConstantAndTrue('DEBUG_MODE')) {
// Warning, empty output!
return "E:".$template."
\n";
}
@@ -355,7 +355,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") {
// Append header
$FROM .= LOAD_EMAIL_TEMPLATE("header");
}
- } elseif (DEBUG_MODE) {
+ } elseif (isBooleanConstantAndTrue('DEBUG_MODE')) {
if (empty($FROM)) {
// Load email header template
$FROM = LOAD_EMAIL_TEMPLATE("header");
@@ -367,7 +367,7 @@ function SEND_EMAIL($TO, $SUBJECT, $MSG, $HTML='N', $FROM="") {
// Fix HTML parameter (default is no!)
if (empty($HTML)) $HTML = 'N';
- if (DEBUG_MODE) {
+ if (isBooleanConstantAndTrue('DEBUG_MODE')) {
// In debug mode we want to display the mail instead of sending it away so we can debug this part
echo "
".htmlentities(trim($FROM))."
@@ -638,17 +638,11 @@ function TRANSLATE_STATUS($status)
return $ret;
}
//
-function GET_LANGUAGE()
-{
- global $_COOKIE, $_GET;
-
- if (!empty($_GET['mx_lang']))
- {
+function GET_LANGUAGE() {
+ if (!empty($_GET['mx_lang'])) {
// Accept only first 2 chars
$lang = substr($_GET['mx_lang'], 0, 2);
- }
- else
- {
+ } else {
// Do nothing
$lang = "";
}
@@ -657,39 +651,33 @@ function GET_LANGUAGE()
$ret = DEFAULT_LANG;
// Check GET variable and cookie
- if (!empty($lang))
- {
+ if (!empty($lang)) {
// Check if main language file does exist
- if (file_exists(PATH."inc/language/".$lang.".php"))
- {
+ if (file_exists(PATH."inc/language/".$lang.".php")) {
// Okay found, so let's update cookies
SET_LANGUAGE($lang);
}
- }
- elseif (!empty($_COOKIE['mx_lang']))
- {
+ } elseif (!isSessionVariableSet('mx_lang')) {
// Return stored value from cookie
- $ret = $_COOKIE['mx_lang'];
+ $ret = get_session('mx_lang');
+
+ // Fixes a warning before the session has the mx_lang constant
+ if (empty($ret)) $ret = DEFAULT_LANG;
}
return $ret;
}
//
-function SET_LANGUAGE($lang)
-{
+function SET_LANGUAGE($lang) {
global $_CONFIG;
// Accept only first 2 chars!
$lang = substr(SQL_ESCAPE(strip_tags($lang)), 0, 2);
// Set cookie
- @setcookie("mx_lang", $lang, (time() + $_CONFIG['online_timeout']), COOKIE_PATH);
-
- // Set array
- $_COOKIE['mx_lang'] = $lang;
+ set_session("mx_lang", $lang);
}
//
-function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0")
-{
+function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0") {
global $DATA, $_CONFIG, $REPLACER;
// Keept for backward-compatiblity (please replace these variables against our new {--CONST--} syntax!)
@@ -701,31 +689,26 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0")
$HTTP_USER_AGENT = getenv('HTTP_USER_AGENT');
$ADMIN = MAIN_TITLE;
- if (!empty($_COOKIE['admin_login']))
- {
+ if (isSessionVariableSet('admin_login')) {
// Load Admin data
$result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE login='%s' LIMIT 1",
- array(SQL_ESCAPE($_COOKIE['admin_login'])), __FILE__, __LINE__);
+ array(SQL_ESCAPE(get_session('admin_login'))), __FILE__, __LINE__);
list($ADMIN) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
}
// Expiration in a nice output format
- if ($_CONFIG['auto_purge'] == 0)
- {
+ if ($_CONFIG['auto_purge'] == 0) {
// Will never expire!
$EXPIRATION = MAIL_WILL_NEVER_EXPIRE;
- }
- elseif (function_exists('CREATE_FANCY_TIME'))
- {
+ } elseif (function_exists('CREATE_FANCY_TIME')) {
// Create nice date string
$EXPIRATION = CREATE_FANCY_TIME($_CONFIG['auto_purge']);
- }
- else
- {
+ } else {
// Display days only
$EXPIRATION = round($_CONFIG['auto_purge']/60/60/24)." "._DAYS;
}
+
switch ($template)
{
case "bonus-mail": // Load data for the bonus mail
@@ -803,11 +786,11 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0")
case "back-admin":
case "back-member":
- $points = TRANSLATE_COMMA($DATA[10]);
+ $points = TRANSLATE_COMMA($DATA[10]);
break;
case "add-points":
- $points = $_POST['points'];
+ $points = bigintval($_POST['points']);
break;
case "guest_request_confirm":
@@ -816,18 +799,14 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0")
}
// Load user's data
- if ($UID > 0)
- {
- if (EXT_IS_ACTIVE("nickname"))
- {
+ if ($UID > 0) {
+ if (EXT_IS_ACTIVE("nickname")) {
// Load nickname
$result = SQL_QUERY_ESC("SELECT surname, family, sex, email, nickname FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
array(bigintval($UID)), __FILE__, __LINE__);
list($surname, $family, $sex, $email, $nick) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// Load normal data
$result = SQL_QUERY_ESC("SELECT surname, family, sex, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
array(bigintval($UID)), __FILE__, __LINE__);
@@ -835,9 +814,7 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0")
SQL_FREERESULT($result);
$nick = "---";
}
- }
- else
- {
+ } else {
// Neutral sex and email address is default
$sex = 'N';
$email = WEBMASTER;
@@ -853,40 +830,29 @@ function LOAD_EMAIL_TEMPLATE($template, $content="", $UID="0")
$BASE = PATH."templates/".GET_LANGUAGE()."/emails/";
// Check for admin/guest/member templates
- if (strpos($template, "admin_") > -1)
- {
+ if (strpos($template, "admin_") > -1) {
// Admin template found
$file = $BASE."admin/".$template.".tpl";
- }
- elseif (strpos($template, "guest_") > -1)
- {
+ } elseif (strpos($template, "guest_") > -1) {
// Guest template found
$file = $BASE."guest/".$template.".tpl";
- }
- elseif (strpos($template, "member_") > -1)
- {
+ } elseif (strpos($template, "member_") > -1) {
// Member template found
$file = $BASE."member/".$template.".tpl";
- }
- else
- {
+ } else {
// Test for extension
$test = substr($template, 0, strpos($template, "_"));
- if (EXT_IS_ACTIVE($test))
- {
+ if (EXT_IS_ACTIVE($test)) {
// Set extra path to extension's name
$file = $BASE.$test."/".$template.".tpl";
- }
- else
- {
+ } else {
// No special filename
$file = $BASE.$template.".tpl";
}
}
// Does the special template exists?
- if (!@file_exists($file))
- {
+ if ((!@file_exists($file)) || (!is_readable($file))) {
// Reset to default template
$file = $BASE.$template.".tpl";
}
@@ -941,6 +907,8 @@ function MAKE_TIME($H, $M, $S, $stamp)
}
//
function LOAD_URL($URL, $addUrlData=true) {
+ global $CSS, $_CONFIG, $link, $db, $footer;
+
// Check if http(s):// is there
if ((substr($URL, 0, 7) != "http://") && (substr($URL, 0, 8) != "https://")) {
// Make all URLs full-qualified
@@ -1221,12 +1189,12 @@ function GEN_RANDOM_CODE($length, $code, $uid, $DATA="")
$data = $code.":".$uid.":".$DATA;
// Add more additional data
- if (isset($_COOKIE['u_hash'])) $data .= ":".$_COOKIE['u_hash'];
- if (isset($GLOBALS['userid'])) $data .= ":".$GLOBALS['userid'];
- if (isset($_COOKIE['lifetime'])) $data .= ":".$_COOKIE['lifetime'];
- if (isset($_COOKIE['mxchange_theme'])) $data .= ":".$_COOKIE['mxchange_theme'];
- if (isset($_COOKIE['mx_lang'])) $data .= ":".$_COOKIE['mx_lang'];
- if (isset($GLOBALS['refid'])) $data .= ":".$GLOBALS['refid'];
+ if (isSessionVariableSet('u_hash')) $data .= ":".get_session('u_hash');
+ if (isset($GLOBALS['userid'])) $data .= ":".$GLOBALS['userid'];
+ if (isSessionVariableSet('lifetime')) $data .= ":".get_session('lifetime');
+ if (isSessionVariableSet('mxchange_theme')) $data .= ":".get_session('mxchange_theme');
+ if (isSessionVariableSet('mx_lang')) $data .= ":".GET_LANGUAGE();
+ if (isset($GLOBALS['refid'])) $data .= ":".$GLOBALS['refid'];
// Calculate number for generating the code
$a = $code + _ADD - 1;
@@ -1998,7 +1966,9 @@ function ADD_URL_DATA($URL)
//
function generatePassString($passHash) {
global $_CONFIG;
- $ret = "*FAILED*";
+
+ // Return vanilla password hash
+ $ret = $passHash;
// Is a secret key and master salt already initialized?
if ((!empty($_CONFIG['secret_key'])) && (!empty($_CONFIG['master_salt']))) {
@@ -2019,6 +1989,7 @@ function generatePassString($passHash) {
$start += 4;
$newHash .= $mod;
}
+
//* DEBUG: */ die($passHash."
".$newHash." (".strlen($newHash).")");
$ret = generateHash($newHash, $_CONFIG['master_salt']);
}
@@ -2033,8 +2004,8 @@ function FIX_DELETED_COOKIES ($cookies) {
// Then check all cookies if they are marked as deleted!
foreach ($cookies as $cookieName) {
// Is the cookie set to "deleted"?
- if ((isset($_COOKIE[$cookieName])) && ($_COOKIE[$cookieName] == "deleted")) {
- unset($_COOKIE[$cookieName]);
+ if (get_session($cookieName) == "deleted") {
+ set_session($cookieName, "");
}
}
}
@@ -2082,6 +2053,63 @@ function DISPLAY_PARSING_TIME_FOOTER() {
LOAD_TEMPLATE("footer_stats", false, $content);
}
+// Unset/set session variables
+function set_session ($var, $value) {
+ global $CSS;
+ // Abort in CSS mode here
+ if ($CSS == 1) return true;
+
+ // Trim value and session variable
+ $var = trim(SQL_ESCAPE($var)); $value = trim($value);
+
+ // Is the session variable set?
+ if (("".$value."" == "") && (isSessionVariableSet($var))) {
+ // Remove the session
+ //* DEBUG: */ echo "UNSET:".$var."=".get_session($var)."
\n";
+ unset($_SESSION[$var]);
+ return session_unregister($var);
+ } elseif (("".$value."" != "") && (!isSessionVariableSet($var))) {
+ // Set session
+ //* DEBUG: */ echo "SET:".$var."=".$value."
\n";
+ $_SESSION[$var] = $value;
+ return session_register($var);
+ }
+
+ // Return always true if the session variable is already set.
+ // Keept me busy for a longer while...
+ //* DEBUG: */ echo "IGNORED:".$var."=".$value."
\n";
+ return true;
+}
+// Check wether a boolean constant is set
+// Taken from user comments in PHP documentation for function constant()
+function isBooleanConstantAndTrue($constname) { // : Boolean
+ $res = false;
+ if (defined($constname)) $res = (constant($constname) === true);
+ return($res);
+}
+
+// Check wether a session variable is set
+function isSessionVariableSet($var) {
+ return (isset($_SESSION[$var]));
+}
+
+// Returns wether the value of the session variable or NULL if not set
+function get_session($var) {
+ if (!isset($_SESSION)) session_start();
+
+ // Default is not found! ;-)
+ $value = null;
+
+ // Is the variable there?
+ if (isSessionVariableSet($var)) {
+ // Then get it secured!
+ $value = SQL_ESCAPE($_SESSION[$var]);
+ }
+
+ // Return the value
+ return $value;
+}
+
//
//////////////////////////////////////////////
// //